Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
File: 8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa (raw, json)
Hash identifier: qJhqmPIfPJmV6y0tR2KdiuqM6/8n/yECGbQfunNoRco=
Subject key identifier: 00:3A:57:92:0C:21:76:FF:18:FA:F5:76:B2:C4:63:89:7E:45:3C:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D626744A02E7D8E085F0CB683228902B29B08E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:62:67:44:a0:2e:7d:8e:08:5f:0c:b6:83:22:89:02:b2:9b:08:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=d75d029bac4ebee1d51f4dba8ea98abbe0652c247be8973fd0b5f1544c2a99b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:56:fa:e5:3b:0a:c8:d3:ad:06:17:b9:63:82:
04:c7:09:b1:e9:03:c5:46:fe:db:35:d7:89:24:a7:
5b:22:8e:b8:f9:aa:c9:a7:13:b2:79:cf:f5:d2:c1:
6f:0b:e3:de:77:72:17:ac:cf:2c:99:c6:d3:33:84:
61:24:75:f6:16:d4:c6:59:d0:e5:3e:ba:17:cc:72:
82:ea:72:91:87:67:3d:1c:36:8d:9f:0a:30:d1:d1:
19:f9:b5:a9:65:2b:83:65:40:32:fc:7d:41:86:83:
df:47:f1:33:92:25:45:1b:50:dc:fc:cc:31:c6:12:
48:19:c2:c4:47:e2:fd:4a:4e:d6:98:1c:fc:ed:39:
d3:07:d4:48:0b:7e:ef:20:51:78:99:a0:0f:01:0a:
15:0c:8b:82:e7:b2:13:11:94:8b:de:e9:e8:4b:0a:
87:61:d0:88:75:c1:e1:12:98:57:a1:3d:42:c8:63:
bb:3c:9f:a9:7c:99:de:cb:2d:47:09:2c:8d:53:a8:
1e:01:4e:65:89:41:e5:72:c9:ef:62:c9:ad:a7:9f:
1b:44:cb:4c:af:c4:0a:e5:1b:c1:b0:03:cb:c2:65:
8a:10:38:b2:0b:fb:37:ba:de:1b:84:18:7e:71:b3:
bf:c7:82:e3:58:3f:74:c6:38:53:4f:b2:22:8a:f8:
f2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3A:57:92:0C:21:76:FF:18:FA:F5:76:B2:C4:63:89:7E:45:3C:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:5000::/40
Signature Algorithm: sha256WithRSAEncryption
33:a3:8c:b0:b6:03:6e:8a:53:3f:97:85:0c:42:68:8e:96:ac:
99:d7:57:a0:09:78:77:af:54:fd:a5:ec:3a:fe:b2:85:ee:1d:
d7:15:c5:d8:7e:5c:ab:42:3b:34:c8:0a:79:5b:d6:27:6d:ae:
d2:48:b9:01:52:e4:f8:ec:4b:ce:a9:bb:24:7e:06:8b:e4:ce:
e0:df:55:a2:68:aa:25:76:2b:d2:45:c5:90:2a:10:17:bc:4c:
8c:59:27:e9:12:36:4d:c6:c2:a0:55:2d:08:c7:c4:a7:b4:d8:
82:d7:75:ef:07:8c:d6:aa:28:0a:24:0e:54:12:23:c2:5d:31:
c0:49:0f:fb:37:54:4d:07:b0:e8:5c:19:8d:54:be:5d:dc:61:
6f:cf:2e:e5:4f:af:15:3f:84:87:13:2a:19:88:20:b3:b5:5f:
6d:d8:89:c1:19:8b:ec:07:a8:70:d4:ca:0c:0d:69:eb:9e:3e:
a3:d1:1c:97:98:22:d0:4d:e4:54:45:52:55:7d:0e:d8:46:47:
6f:b9:24:fb:6c:27:9f:6b:42:86:77:70:d8:c6:74:0a:59:81:
e7:c4:0a:b1:8c:04:bb:62:23:ca:a4:3f:d5:83:e6:cc:ed:f6:
a4:73:06:43:c1:ee:51:fa:25:3a:44:57:d9:49:15:e4:9e:f1:
0d:8b:21:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTWJnRKAufY4IXwy2gyKJArKbCOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3NWQwMjliYWM0ZWJlZTFkNTFmNGRiYThlYTk4YWJiZTA2NTJjMjQ3YmU4
OTczZmQwYjVmMTU0NGMyYTk5YjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVW+uU7CsjTrQYXuWOCBMcJsekDxUb+2zXXiSSnWyKOuPmqyacTsnnP9dLB
bwvj3ndyF6zPLJnG0zOEYSR19hbUxlnQ5T66F8xygupykYdnPRw2jZ8KMNHRGfm1
qWUrg2VAMvx9QYaD30fxM5IlRRtQ3PzMMcYSSBnCxEfi/UpO1pgc/O050wfUSAt+
7yBReJmgDwEKFQyLgueyExGUi97p6EsKh2HQiHXB4RKYV6E9QshjuzyfqXyZ3sst
RwksjVOoHgFOZYlB5XLJ72LJraefG0TLTK/ECuUbwbADy8JlihA4sgv7N7reG4QY
fnGzv8eC41g/dMY4U0+yIor48hsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAOleS
DCF2/xj69XayxGOJfkU8eDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVhMzIyMDYtNDY4My00YmM3LTk5YmYtOWNjNGEyOTU4ZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAzo4ywtgNuilM/l4UMQmiOlqyZ11egCXh3r1T9
pew6/rKF7h3XFcXYflyrQjs0yAp5W9Ynba7SSLkBUuT47EvOqbskfgaL5M7g31Wi
aKoldivSRcWQKhAXvEyMWSfpEjZNxsKgVS0Ix8SntNiC13XvB4zWqigKJA5UEiPC
XTHASQ/7N1RNB7DoXBmNVL5d3GFvzy7lT68VP4SHEyoZiCCztV9t2InBGYvsB6hw
1MoMDWnrnj6j0RyXmCLQTeRURVJVfQ7YRkdvuST7bCefa0KGd3DYxnQKWYHnxAqx
jAS7YiPKpD/Vg+bM7fakcwZDwe5R+iU6RFfZSRXknvENiyFr
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org